Category: Volatility

Cybersecurity, Dfir, Forensics, Volatility

Volatility, my own cheatsheet (Part 1): Image Identification

In order to start a memory analysis with Volatility, the identification of the type of memory image is a mandatory step. Here some usefull commands. imageinfo For a high level summary of the memory sample you’re analyzing, use the imageinfo command. Most often this command is used to identify the operating system, service pack, and […]